diff --git a/reference/curl/constants_curl_setopt.xml b/reference/curl/constants_curl_setopt.xml
index bf432cc50cc3..371646307a0c 100644
--- a/reference/curl/constants_curl_setopt.xml
+++ b/reference/curl/constants_curl_setopt.xml
@@ -13,7 +13,7 @@
as CURLOPT_UNIX_SOCKET_PATH. These two options
share the same storage and therefore only one of them can be set
per handle.
- Available as of PHP 7.3.0 and cURL 7.53.0
+ Available as of PHP 7.3.0 and cURL 7.53.0.
@@ -68,7 +68,7 @@
- Pass the filename for cURL to use as the Alt-Svc cache file to read existing cache contents from and
+ Pass a string with the filename for cURL to use as the Alt-Svc cache file to read existing cache contents from and
possibly also write it back to a after a transfer, unless CURLALTSVC_READONLYFILE
is set via CURLOPT_ALTSVC_CTRL.
Available as of PHP 8.2.0 and cURL 7.64.1.
@@ -85,11 +85,10 @@
Populate the bitmask with the correct set of features to instruct cURL how to handle Alt-Svc for the
transfers using this handle. cURL only accepts Alt-Svc headers over HTTPS. It will also only complete
a request to an alternative origin if that origin is properly hosted over HTTPS.
- Setting any bit will enable the alt-svc engine. The options are:
- CURLALTSVC_H1,
- CURLALTSVC_H2,
- CURLALTSVC_H3, and
- CURLALTSVC_READONLYFILE.
+ Setting any bit will enable the alt-svc engine.
+ Set to any of the
+ CURLALTSVC_* constants.
+ Defaults to Alt-Svc handling being disabled.
Available as of PHP 8.2.0 and cURL 7.64.1.
@@ -117,6 +116,8 @@
&true; to automatically set the Referer: field in
requests where it follows a Location: redirect.
+ Defaults to 0.
+ Available as of cURL 7.1.0.
@@ -127,10 +128,10 @@
- Provides AWS V4 signature authentication on HTTP(S) header.
+ Provides AWS V4 signature authentication on HTTP(S) header as a string.
This option overrides any other authentication types that have been set in
CURLOPT_HTTPAUTH. This method cannot be combined with other authentication types.
- Available as of PHP 8.2.0 and cURL 7.75.0
+ Available as of PHP 8.2.0 and cURL 7.75.0.
@@ -141,7 +142,8 @@
-
+ This constant is no longer used as of PHP 5.5.0.
+ Deprecated as of PHP 8.4.0.
@@ -154,6 +156,8 @@
The size of the buffer to use for each read. There is no guarantee
this request will be fulfilled, however.
+ This option accepts any value that can be cast to a valid int.
+ Defaults to CURL_MAX_WRITE_SIZE (currently, 16kB).
Available as of cURL 7.10.
@@ -165,9 +169,10 @@
- The name of a file holding one or more certificates to verify the
+ A string with the name of a file holding one or more certificates to verify the
peer with. This only makes sense when used in combination with
CURLOPT_SSL_VERIFYPEER. Might require an absolute path.
+ Available as of cURL 7.4.2.
@@ -178,9 +183,9 @@
- The name of a PEM file holding one or more certificates to verify the
+ A string with the name of a PEM file holding one or more certificates to verify the
peer with. This option overrides CURLOPT_CAINFO.
- Available as of PHP 8.2.0 and cURL 7.77.0
+ Available as of PHP 8.2.0 and cURL 7.77.0.
@@ -191,8 +196,9 @@
- A directory that holds multiple CA certificates. Use this option
- alongside CURLOPT_SSL_VERIFYPEER.
+ A string with a directory that holds multiple CA certificates.
+ Use this option alongside CURLOPT_SSL_VERIFYPEER.
+ Available as of cURL 7.9.8.
@@ -203,6 +209,10 @@
+ Sets the maximum time in seconds any in memory cached CA certificate store
+ may be kept and reused for new connections.
+ This option accepts any value that can be cast to a valid int.
+ Defaults to 86400 (24 hours).
Available as of PHP 8.3.0 and cURL 7.87.0
@@ -215,8 +225,10 @@
&true; to output SSL certification information to STDERR
- on secure transfers. Added in cURL 7.19.1.
+ on secure transfers.
Requires CURLOPT_VERBOSE to be on to have an effect.
+ Defaults to &false;.
+ Available as of cURL 7.19.1.
@@ -229,6 +241,9 @@
The number of seconds to wait while trying to connect. Use 0 to
wait indefinitely.
+ This option accepts any value that can be cast to a valid int.
+ Defaults to 300.
+ Available as of cURL 7.7.0.
@@ -239,12 +254,14 @@
- The number of milliseconds to wait while trying to connect. Use 0 to
- wait indefinitely.
-
- If libcurl is built to use the standard system name resolver, that
+ The number of milliseconds to wait while trying to connect.
+ Use 0 to wait indefinitely.
+ If cURL is built to use the standard system name resolver, that
portion of the connect will still use full-second resolution for
- timeouts with a minimum timeout allowed of one second. Available as of cURL 7.16.2.
+ timeouts with a minimum timeout allowed of one second.
+ This option accepts any value that can be cast to a valid int.
+ Defaults to 300000.
+ Available as of cURL 7.16.2.
@@ -258,6 +275,7 @@
&true; tells the library to perform all the required proxy authentication
and connection setup, but no data transfer. This option is implemented for
HTTP, SMTP and POP3.
+ Defaults to &false;.
Available as of cURL 7.15.2.
@@ -270,9 +288,9 @@
Connect to a specific host and port instead of the URL's host and port.
- Accepts an array of strings with the format
+ Accepts an array of strings with the format
HOST:PORT:CONNECT-TO-HOST:CONNECT-TO-PORT.
- Available as of PHP 7.0.7 and cURL 7.49.0
+ Available as of PHP 7.0.7 and cURL 7.49.0.
@@ -283,10 +301,10 @@
- The contents of the "Cookie: " header to be
- used in the HTTP request.
+ A string with the contents of the Cookie: header to be used in the HTTP request.
Note that multiple cookies are separated with a semicolon followed
- by a space (e.g., "fruit=apple; colour=red")
+ by a space (e.g., fruit=apple; colour=red).
+ Available as of cURL 7.1.0.
@@ -297,11 +315,11 @@
- The name of the file containing the cookie data. The cookie file can
- be in Netscape format, or just plain HTTP-style headers dumped into
- a file.
- If the name is an empty string, no cookies are loaded, but cookie
+ A string with the name of the file containing the cookie data.
+ The cookie file can be in Netscape format, or just plain HTTP-style headers dumped into a file.
+ If the name is an empty string, no cookies are loaded, but cookie
handling is still enabled.
+ Available as of cURL 7.1.0.
@@ -312,8 +330,9 @@
- The name of a file to save all internal cookies to when the
- handle's destructor is called.
+ A string with the name of a file to save all internal cookies to when
+ the handle's destructor is called.
+ Available as of cURL 7.9.0.
As of PHP 8.0.0, curl_close is a no-op
@@ -332,13 +351,27 @@
- A cookie string (i.e. a single line in Netscape/Mozilla format, or a regular
+ A cookie string (i.e. a single line in Netscape/Mozilla format, or a regular
HTTP-style Set-Cookie header) adds that single cookie to the internal cookie store.
- "ALL" erases all cookies held in memory.
- "SESS" erases all session cookies held in memory.
- "FLUSH" writes all known cookies to the file specified by CURLOPT_COOKIEJAR.
- "RELOAD" loads all cookies from the files specified by CURLOPT_COOKIEFILE.
- Available as of cURL 7.14.1
+
+
+ ALL
+ erases all cookies held in memory
+
+
+ SESS
+ erases all session cookies held in memory
+
+
+ FLUSH
+ writes all known cookies to the file specified by CURLOPT_COOKIEJAR
+
+
+ RELOAD
+ loads all cookies from the files specified by CURLOPT_COOKIEFILE
+
+ .
+ Available as of cURL 7.14.1.
@@ -349,12 +382,13 @@
- &true; to mark this as a new cookie "session". It will force libcurl
+ &true; to mark this as a new cookie "session". It will force cURL
to ignore all cookies it is about to load that are "session cookies"
- from the previous session. By default, libcurl always stores and
+ from the previous session. By default, cURL always stores and
loads all cookies, independent if they are session cookies or not.
Session cookies are cookies without expiry date and they are meant
to be alive and existing for this "session" only.
+ Available as of cURL 7.9.7.
@@ -367,6 +401,7 @@
&true; to convert Unix newlines to CRLF newlines
on transfers.
+ Available as of cURL 7.1.0.
@@ -391,7 +426,7 @@
Also note that CURLOPT_CRLFILE implies
CURLSSLOPT_NO_PARTIALCHAIN
as of cURL 7.71.0 due to an OpenSSL bug.
- Available as of cURL 7.19.0
+ Available as of cURL 7.19.0.
@@ -403,14 +438,16 @@
A custom request method to use instead of
- "GET" or "HEAD" when doing
+ GET or HEAD when doing
a HTTP request. This is useful for doing
- "DELETE" or other, more obscure HTTP requests.
- Valid values are things like "GET",
- "POST", "CONNECT" and so on;
+ DELETE or other, more obscure HTTP requests.
+ Valid values are things like GET,
+ POST, CONNECT and so on;
i.e. Do not enter a whole HTTP request line here. For instance,
- entering "GET /index.html HTTP/1.0\r\n\r\n"
+ entering GET /index.html HTTP/1.0\r\n\r\n
would be incorrect.
+ This option accepts a string or &null;.
+ Available as of cURL 7.1.0.
Don't do this without making sure the server supports the custom
@@ -427,8 +464,8 @@
- The default protocol to use if the URL is missing a scheme name.
- Available as of PHP 7.0.7 and cURL 7.45.0
+ A string with the default protocol to use if the URL is missing a scheme name.
+ Available as of PHP 7.0.7 and cURL 7.45.0.
@@ -459,8 +496,9 @@
- &true; to not allow URLs that include a username. Usernames are allowed by default (0).
- Available as of PHP 7.3.0 and cURL 7.61.0
+ &true; to not allow URLs that include a username.
+ Usernames are allowed by default.
+ Available as of PHP 7.3.0 and cURL 7.61.0.
@@ -472,7 +510,9 @@
The number of seconds to keep DNS entries in memory. This
- option is set to 120 (2 minutes) by default.
+ option is set to 120 (2 minutes) by default.
+ This option accepts any value that can be cast to a valid int.
+ Available as of cURL 7.9.3.
@@ -485,6 +525,7 @@
Set the name of the network interface that the DNS resolver should bind to.
This must be an interface name (not an address).
+ This option accepts a string or &null;.
Available as of PHP 7.0.7 and cURL 7.33.0
@@ -496,9 +537,10 @@
- Set the local IPv4 address that the resolver should bind to. The argument
- should contain a single numerical IPv4 address as a string.
- Available as of PHP 7.0.7 and cURL 7.33.0
+ Set the local IPv4 address that the resolver should bind to.
+ The argument should contain a single numerical IPv4 address.
+ This option accepts a string or &null;.
+ Available as of PHP 7.0.7 and cURL 7.33.0.
@@ -509,9 +551,10 @@
- Set the local IPv6 address that the resolver should bind to. The argument
- should contain a single numerical IPv6 address as a string.
- Available as of PHP 7.0.7 and cURL 7.33.0
+ Set the local IPv6 address that the resolver should bind to.
+ The argument should contain a single numerical IPv6 address.
+ This option accepts a string or &null;.
+ Available as of PHP 7.0.7 and cURL 7.33.0.
@@ -525,7 +568,7 @@
Pass a string with a comma-separated list of DNS servers to be used
instead of the system default
(e.g.: 192.168.1.100,192.168.1.101:8080).
- Available as of cURL 7.24.0
+ Available as of cURL 7.24.0.
@@ -539,7 +582,7 @@
&true; to shuffle the order of all returned addresses so that they will be used
in a random order, when a name is resolved and more than one IP address is returned.
This may cause IPv4 to be used before IPv6 or vice versa.
- Available as of PHP 7.3.0 and cURL 7.60.0
+ Available as of PHP 7.3.0 and cURL 7.60.0.
@@ -553,6 +596,7 @@
&true; to use a global DNS cache. This option is not thread-safe.
It is conditionally enabled by default if PHP is built for non-threaded use
(CLI, FCGI, Apache2-Prefork, etc.).
+ Available as of cURL 7.9.3 and deprecated as of cURL 7.11.1.
@@ -563,7 +607,7 @@
- Verify the DNS-over-HTTPS server's SSL certificate name fields against the host name.
+ Set to 2 to verify the DNS-over-HTTPS server's SSL certificate name fields against the host name.
Available as of PHP 8.2.0 and cURL 7.76.0.
@@ -575,7 +619,8 @@
- Verify the authenticity of the DNS-over-HTTPS server's SSL certificate.
+ Set to 1 to enable and 0 to disable
+ verification of the authenticity of the DNS-over-HTTPS server's SSL certificate.
Available as of PHP 8.2.0 and cURL 7.76.0.
@@ -587,7 +632,8 @@
- Tell cURL to verify the status of the DNS-over-HTTPS server certificate
+ Set to 1 to enable and 0 to disable
+ the verification of the status of the DNS-over-HTTPS server certificate
using the "Certificate Status Request" TLS extension (OCSP stapling).
Available as of PHP 8.2.0 and cURL 7.76.0.
@@ -601,6 +647,7 @@
Provides the DNS-over-HTTPS URL.
+ This option accepts a string or &null;.
Available as of PHP 8.1.0 and cURL 7.62.0.
@@ -614,6 +661,7 @@
Like CURLOPT_RANDOM_FILE, except a filename
to an Entropy Gathering Daemon socket.
+ Available as of cURL 7.7.0 and deprecated as of cURL 7.84.0.
@@ -624,12 +672,16 @@
- The contents of the "Accept-Encoding: " header.
- This enables decoding of the response. Supported encodings are
- "identity", "deflate", and
- "gzip". If an empty string, "",
- is set, a header containing all supported encoding types is sent.
- Available as of cURL 7.10.
+ The contents of the Accept-Encoding: header as a string.
+ This enables decoding of the response. Supported encodings are:
+
+ identity
+ deflate
+ gzip
+ .
+ If an empty string is set,
+ a header containing all supported encoding types is sent.
+ Available as of cURL 7.10 and deprecated as of cURL 7.21.6.
@@ -641,8 +693,9 @@
The timeout for Expect: 100-continue responses in milliseconds.
- Defaults to 1000 milliseconds.
- Available as of PHP 7.0.7 and cURL 7.36.0
+ Defaults to 1000 milliseconds.
+ This option accepts any value that can be cast to a valid int.
+ Available as of PHP 7.0.7 and cURL 7.36.0.
@@ -654,8 +707,9 @@
&true; to fail verbosely if the HTTP code returned
- is greater than or equal to 400. The default behavior is to return
+ is greater than or equal to 400. The default behavior is to return
the page normally, ignoring the code.
+ Available as of cURL 7.1.0.
@@ -666,8 +720,10 @@
- The file that the transfer should be written to. The default
- is STDOUT (the browser window).
+ Accepts a file handle resource
+ to the file that the transfer should be written to.
+ The default is STDOUT (the browser window).
+ Available as of cURL 7.1.0 and deprecated as of cURL 7.9.7.
@@ -678,10 +734,11 @@
- &true; to attempt to retrieve the modification
+ Set to &true; to attempt to retrieve the modification
date of the remote document. This value can be retrieved using
the CURLINFO_FILETIME option with
curl_getinfo.
+ Available as of cURL 7.5.0.
@@ -741,12 +798,12 @@
- &true; to follow any
- "Location: " header that the server sends as
+ Set to &true; to follow any Location: header that the server sends as
part of the HTTP header.
See also CURLOPT_MAXREDIRS.
This constant is not available when open_basedir
is enabled.
+ Available as of cURL 7.1.0.
@@ -757,8 +814,9 @@
- &true; to force the connection to explicitly
+ Set to &true; to force the connection to explicitly
close when it has finished processing, and not be pooled for reuse.
+ Available as of cURL 7.7.0.
@@ -769,8 +827,9 @@
- &true; to force the use of a new connection
+ Set to &true; to force the use of a new connection
instead of a cached one.
+ Available as of cURL 7.7.0.
@@ -781,8 +840,9 @@
- &true; to append to the remote file instead of
+ Set to &true; to append to the remote file instead of
overwriting it.
+ Available as of cURL 7.1.0 and deprecated as of cURL 7.16.4.
@@ -795,6 +855,9 @@
An alias of
CURLOPT_TRANSFERTEXT. Use that instead.
+ Available as of cURL 7.1, deprecated as of cURL 7.11.1
+ and last available in cURL 7.15.5.
+ Removed as of PHP 7.3.0.
@@ -805,8 +868,8 @@
- &true; to only list the names of an FTP
- directory.
+ Set to &true; to only list the names of an FTP directory.
+ Available as of cURL 7.1.0 and deprecated as of cURL 7.16.4.
@@ -817,12 +880,13 @@
- The value which will be used to get the IP address to use
- for the FTP "PORT" instruction. The "PORT" instruction tells
+ A string which will be used to get the IP address to use for the FTP PORT instruction. The PORT instruction tells
the remote server to connect to our specified IP address. The
- string may be a plain IP address, a hostname, a network
- interface name (under Unix), or just a plain '-' to use the
- systems default IP address.
+ string may be a plain IP address, a hostname,
+ a network interface name (under Unix),
+ or just a plain - to use the system's default IP address.
+ This option accepts a string or &null;.
+ Available as of cURL 7.1.0.
@@ -833,10 +897,9 @@
- The FTP authentication method (when is activated):
- CURLFTPAUTH_SSL (try SSL first),
- CURLFTPAUTH_TLS (try TLS first), or
- CURLFTPAUTH_DEFAULT (let cURL decide).
+ Set the FTP over SSL authentication method (if activated) to any of the
+ CURLFTPAUTH_* constants.
+ Defaults to CURLFTPAUTH_DEFAULT.
Available as of cURL 7.12.2.
@@ -877,8 +940,9 @@
- &true; to create missing directories when an FTP operation
+ Set to &true; to create missing directories when an FTP operation
encounters a path that currently doesn't exist.
+ Available as of cURL 7.10.7.
@@ -889,11 +953,9 @@
- Tell curl which method to use to reach a file on a FTP(S) server. Possible values are
- CURLFTPMETHOD_DEFAULT,
- CURLFTPMETHOD_MULTICWD,
- CURLFTPMETHOD_NOCWD, and
- CURLFTPMETHOD_SINGLECWD.
+ Tell cURL which method to use to reach a file on a FTP(S) server. Possible values are
+ any of the CURLFTPMETHOD_* constants.
+ Defaults to CURLFTPMETHOD_MULTICWD.
Available as of cURL 7.15.1.
@@ -937,7 +999,7 @@
-
+ Available as of cURL 7.11.0 and deprecated as of cURL 7.16.4.
@@ -964,9 +1026,9 @@
- &true; to use EPRT (and LPRT) when doing active
- FTP downloads. Use &false; to disable EPRT and LPRT and use PORT
- only.
+ Set to &true; to use EPRT (and LPRT) when doing active FTP downloads.
+ Set to &false; to disable EPRT and LPRT and use PORT only.
+ Available as of cURL 7.10.5.
@@ -977,9 +1039,9 @@
- &true; to first try an EPSV command for FTP
- transfers before reverting back to PASV. Set to &false;
- to disable EPSV.
+ Set to &true; to first try an EPSV command for FTP transfers before reverting back to PASV.
+ Set to &false; to disable EPSV.
+ Available as of cURL 7.9.2.
@@ -1022,10 +1084,11 @@
- Head start for ipv6 for the happy eyeballs algorithm. Happy eyeballs attempts
+ Head start for IPv6 for the happy eyeballs algorithm. Happy eyeballs attempts
to connect to both IPv4 and IPv6 addresses for dual-stack hosts,
preferring IPv6 first for timeout milliseconds.
- Defaults to CURL_HET_DEFAULT, which is currently 200 milliseconds.
+ Defaults to CURL_HET_DEFAULT, which is currently 200 milliseconds.
+ This option accepts any value that can be cast to a valid int.
Available as of PHP 7.3.0 and cURL 7.59.0
@@ -1037,9 +1100,9 @@
- &true; to send an HAProxy PROXY protocol v1 header at the start of the connection.
+ &true; to send an HAProxy PROXY protocol v1 header at the start of the connection.
The default action is not to send this header.
- Available as of PHP 7.3.0 and cURL 7.60.0
+ Available as of PHP 7.3.0 and cURL 7.60.0.
@@ -1050,7 +1113,9 @@
- &true; to include the header in the output.
+ Set to &true; to include the headers in the output sent to the callback
+ defined by CURLOPT_WRITEFUNCTION.
+ Available as of cURL 7.1.0.
@@ -1061,11 +1126,32 @@
- A callback accepting two parameters.
- The first is the cURL resource, the second is a
- string with the header data to be written. The header data must
- be written by this callback. Return the number of
- bytes written.
+ A callable with the following signature:
+
+ intcallback
+ resourcecurlHandle
+ stringheaderData
+
+
+
+ curlHandle
+
+
+ The cURL handle.
+
+
+
+
+ headerData
+
+
+ The header data which must be written by the callback.
+
+
+
+
+ The callback should return the number of bytes written.
+ Available as of cURL 7.7.2.
@@ -1076,10 +1162,12 @@
- Possible values are CURLHEADER_UNIFIED or CURLHEADER_SEPARATE.
+ Send HTTP headers to both proxy and host or separately.
+ Possible values are any of the
+ CURLHEADER_* constants.
Defaults to CURLHEADER_SEPARATE as of cURL
- 7.42.1, and CURLHEADER_UNIFIED before.
- Available as of PHP 7.0.7 and cURL 7.37.0
+ 7.42.1, and CURLHEADER_UNIFIED prior to that.
+ Available as of PHP 7.0.7 and cURL 7.37.0.
@@ -1090,8 +1178,10 @@
- HSTS (HTTP Strict Transport Security) cache file name.
- Available as of PHP 8.2.0 and cURL 7.74.0
+ string with HSTS (HTTP Strict Transport Security) cache file name
+ or &null; to allow HSTS without reading from or writing to any file
+ and clear the list of files to read HSTS data from.
+ Available as of PHP 8.2.0 and cURL 7.74.0.
@@ -1102,11 +1192,9 @@
- Controls HSTS (HTTP Strict Transport Security) behavior. Populate the bitmask with the correct set of
- features to instruct cURL how to handle HSTS for the transfers using this handle.
- CURLHSTS_ENABLE enables the in-memory HSTS cache. If the HSTS cache file is defined,
- set CURLHSTS_READONLYFILE to make the file read-only.
- Available as of PHP 8.2.0 and cURL 7.74.0
+ Accepts a bitmask of HSTS (HTTP Strict Transport Security) features
+ defined by the CURLHSTS_* constants.
+ Available as of PHP 8.2.0 and cURL 7.74.0.
@@ -1117,9 +1205,9 @@
- Whether to allow HTTP/0.9 responses. Defaults to &false; as of libcurl 7.66.0;
+ Whether to allow HTTP/0.9 responses. Defaults to &false; as of cURL 7.66.0;
formerly it defaulted to &true;.
- Available as of PHP 7.3.15 and 7.4.3, respectively, and cURL 7.64.0
+ Available as of PHP 7.3.15 and 7.4.3, respectively, and cURL 7.64.0.
@@ -1130,8 +1218,7 @@
- An array of HTTP 200 responses that will be treated as valid
- responses and not as errors.
+ An array of HTTP 200 responses that will be treated as valid responses and not as errors.
Available as of cURL 7.10.3.
@@ -1143,21 +1230,23 @@
- The HTTP authentication method(s) to use. The options are:
- CURLAUTH_BASIC,
- CURLAUTH_DIGEST,
- CURLAUTH_GSSNEGOTIATE,
- CURLAUTH_NTLM,
- CURLAUTH_AWS_SIGV4,
- CURLAUTH_ANY, and
- CURLAUTH_ANYSAFE.
- The bitwise | (or) operator can be used to combine
- more than one method. If this is done, cURL will poll the server to see
+ A bitmask of HTTP authentication method(s) to use. The options are:
+
+ CURLAUTH_BASIC
+ CURLAUTH_DIGEST
+ CURLAUTH_GSSNEGOTIATE
+ CURLAUTH_NTLM
+ CURLAUTH_AWS_SIGV4
+ CURLAUTH_ANY
+ CURLAUTH_ANYSAFE
+ .
+ If more than one method is used, cURL will poll the server to see
what methods it supports and pick the best one.
CURLAUTH_ANY sets all bits. cURL will automatically select
the one it finds most secure.
CURLAUTH_ANYSAFE sets all bits except CURLAUTH_BASIC.
cURL will automatically select the one it finds most secure.
+ Available as of cURL 7.10.6.
@@ -1168,9 +1257,9 @@
- &true; to reset the HTTP request method to GET.
- Since GET is the default, this is only necessary if the request
+ Set to &true; to reset the HTTP request method to GET. Since GET is the default, this is only necessary if the request
method has been changed.
+ Available as of cURL 7.8.1.
@@ -1181,10 +1270,11 @@
- An array of HTTP header fields to set, in the format
+ An array of HTTP header fields to set, in the format
array('Content-type: text/plain', 'Content-length: 100')
+ Available as of cURL 7.1.0.
@@ -1196,6 +1286,7 @@
&true; to tunnel through a given HTTP proxy.
+ Available as of cURL 7.3.0.
@@ -1234,14 +1325,10 @@
- CURL_HTTP_VERSION_NONE (default, lets CURL
- decide which version to use),
- CURL_HTTP_VERSION_1_0 (forces HTTP/1.0),
- CURL_HTTP_VERSION_1_1 (forces HTTP/1.1),
- CURL_HTTP_VERSION_2_0 (attempts HTTP 2),
- CURL_HTTP_VERSION_2 (alias of CURL_HTTP_VERSION_2_0),
- CURL_HTTP_VERSION_2TLS (attempts HTTP 2 over TLS (HTTPS) only) or
- CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE (issues non-TLS HTTP requests using HTTP/2 without HTTP/1.1 Upgrade).
+ Set to one of the
+ CURL_HTTP_VERSION_* constants
+ for cURL to use the specified HTTP version.
+ Available as of cURL 7.9.1.
@@ -1267,7 +1354,10 @@
- The file that the transfer should be read from when uploading.
+ Accepts a file handle resource
+ to the file that the transfer should be read from when uploading.
+ Available as of cURL 7.1.0 and deprecated as of cURL 7.9.7.
+ Use CURLOPT_READDATA instead.
@@ -1279,9 +1369,11 @@
The expected size, in bytes, of the file when uploading a file to
- a remote site. Note that using this option will not stop libcurl
+ a remote site. Note that using this option will not stop cURL
from sending more data, as exactly what is sent depends on
CURLOPT_READFUNCTION.
+ This option accepts any value that can be cast to a valid int.
+ Available as of cURL 7.1.0.
@@ -1292,8 +1384,9 @@
- The name of the outgoing network interface to use. This can be an
- interface name, an IP address or a host name.
+ Set to a string with the name of the outgoing network interface to use.
+ This can be an interface name, an IP address or a host name.
+ Available as of cURL 7.1.0.
@@ -1306,11 +1399,10 @@
Allows an application to select what kind of IP addresses to use when
resolving host names. This is only interesting when using host names that
- resolve addresses using more than one version of IP, possible values are
- CURL_IPRESOLVE_WHATEVER,
- CURL_IPRESOLVE_V4,
- CURL_IPRESOLVE_V6, by default
- CURL_IPRESOLVE_WHATEVER.
+ resolve addresses using more than one version of IP.
+ Set to one of the
+ CURL_IPRESOLVE_* constants.
+ Defaults to CURL_IPRESOLVE_WHATEVER.
Available as of cURL 7.10.8.
@@ -1340,7 +1432,9 @@
- Issuer SSL certificate from memory blob.
+ Pass a string with binary data of a CA SSL certificate in PEM format.
+ If set, an additional check against the peer certificate is performed
+ to verify the issuer is the one associated with the certificate provided by the option.
Available as of PHP 8.1.0 and cURL 7.71.0.
@@ -1352,11 +1446,11 @@
- &true; to keep sending the request body if the HTTP code returned is
- equal to or larger than 300. The default action would be to stop sending
+ Set to &true; to keep sending the request body if the HTTP code returned is equal to or larger than 300.
+ The default action would be to stop sending
and close the stream or connection. Suitable for manual NTLM authentication.
Most applications do not need this option.
- Available as of PHP 7.3.0 and cURL 7.51.0
+ Available as of PHP 7.3.0 and cURL 7.51.0.
@@ -1367,9 +1461,10 @@
- The password required to use the CURLOPT_SSLKEY
+ Set to a string with the password required to use the CURLOPT_SSLKEY
or CURLOPT_SSH_PRIVATE_KEYFILE private key.
- Available as of cURL 7.16.1.
+ Setting this option to &null; disables using a password for these options.
+ Available as of cURL 7.17.0.
@@ -1380,16 +1475,19 @@
- The KRB4 (Kerberos 4) security level. Any of the following values
+ The KRB4 (Kerberos 4) security level. Any of the following string values
(in order from least to most powerful) are valid:
- "clear",
- "safe",
- "confidential",
- "private"..
- If the string does not match one of these,
- "private" is used. Setting this option to &null;
+
+ clear
+ safe
+ confidential
+ private
+ .
+ If the string does not match one of these,
+ private is used. Setting this option to &null;
will disable KRB4 security. Currently KRB4 security only works
with FTP transactions.
+ Available as of cURL 7.3.0 and deprecated as of cURL 7.17.0.
@@ -1407,8 +1505,7 @@
safeconfidentialprivate
-
- .
+ .
If the string is set but does not match one of these,
private is used.
Setting this option to &null; will disable kerberos support for FTP.
@@ -1454,10 +1551,9 @@
Can be used to set protocol specific login options, such as the
- preferred authentication mechanism via "AUTH=NTLM" or "AUTH=*",
- and should be used in conjunction with the
+ preferred authentication mechanism via AUTH=NTLM or AUTH=*, and should be used in conjunction with the
CURLOPT_USERNAME option.
- Available as of PHP 7.0.7 and cURL 7.34.0
+ Available as of PHP 7.0.7 and cURL 7.34.0.
@@ -1471,6 +1567,8 @@
The transfer speed, in bytes per second, that the transfer should be
below during the count of CURLOPT_LOW_SPEED_TIME
seconds before PHP considers the transfer too slow and aborts.
+ This option accepts any value that can be cast to a valid int.
+ Available as of cURL 7.1.0.
@@ -1484,6 +1582,8 @@
The number of seconds the transfer speed should be below
CURLOPT_LOW_SPEED_LIMIT before PHP considers
the transfer too slow and aborts.
+ This option accepts any value that can be cast to a valid int.
+ Available as of cURL 7.1.0.
@@ -1546,7 +1646,15 @@
- Available as of PHP 8.2.0 and cURL 7.69.0
+ Set to 1 to allow RCPT TO command
+ to fail for some recipients which makes cURL ignore errors
+ for individual recipients and proceed with the remaining accepted recipients.
+ If all recipients trigger failures and this flag is specified,
+ cURL aborts the SMTP conversation
+ and returns the error received from to the last RCPT TO command.
+ Replaced by CURLOPT_MAIL_RCPT_ALLOWFAILS as of cURL 8.2.0.
+ Available as of PHP 8.2.0 and cURL 7.69.0.
+ Deprecated as of cURL 8.2.0.
@@ -1559,7 +1667,8 @@
The maximum idle time allowed for an existing connection to be considered for reuse.
Default maximum age is set to 118 seconds.
- Available as of PHP 8.2.0 and cURL 7.65.0
+ This option accepts any value that can be cast to a valid int.
+ Available as of PHP 8.2.0 and cURL 7.65.0.
@@ -1573,6 +1682,8 @@
The maximum amount of persistent connections that are allowed.
When the limit is reached, the oldest one in the cache is closed
to prevent increasing the number of open connections.
+ This option accepts any value that can be cast to a valid int.
+ Available as of cURL 7.7.0.
@@ -1613,7 +1724,8 @@
the transfer will not start and CURLE_FILESIZE_EXCEEDED will be returned.
The file size is not always known prior to download, and for such files this option has no effect even if
the file transfer ends up being larger than this given limit.
- Available as of PHP 8.2.0 and cURL 7.11.0
+ This option accepts any value that can be cast to a valid int.
+ Available as of PHP 8.2.0 and cURL 7.11.0.
@@ -1627,8 +1739,9 @@
The maximum time in seconds, since the creation of the connection, that is allowed for an existing
connection to have for it to be considered for reuse. If a connection is found in the cache that is older
than this value, it will instead be closed once any in-progress transfers are complete.
- Default is 0 seconds, meaning the option is disabled and all connections are eligible for reuse.
- Available as of PHP 8.2.0 and cURL 7.80.0
+ Default is 0 seconds, meaning the option is disabled and all connections are eligible for reuse.
+ This option accepts any value that can be cast to a valid int.
+ Available as of PHP 8.2.0 and cURL 7.80.0.
@@ -1639,11 +1752,10 @@
- The maximum amount of HTTP redirections to follow. Use this option
- alongside CURLOPT_FOLLOWLOCATION.
+ The maximum amount of HTTP redirections to follow. Use this option alongside CURLOPT_FOLLOWLOCATION.
Default value of 20 is set to prevent infinite redirects.
- Setting to -1 allows inifinite redirects, and 0
- refuses all redirects.
+ Setting to -1 allows inifinite redirects, and 0 refuses all redirects.
+ Available as of cURL 7.5.0.
@@ -1658,7 +1770,8 @@
cumulative average during the transfer, the transfer will pause to
keep the average rate less than or equal to the parameter value.
Defaults to unlimited speed.
- Available as of cURL 7.15.5
+ This option accepts any value that can be cast to a valid int.
+ Available as of cURL 7.15.5.
@@ -1673,7 +1786,8 @@
cumulative average during the transfer, the transfer will pause to
keep the average rate less than or equal to the parameter value.
Defaults to unlimited speed.
- Available as of cURL 7.15.5
+ This option accepts any value that can be cast to a valid int.
+ Available as of cURL 7.15.5.
@@ -1684,7 +1798,10 @@
- Available as of PHP 8.3.0 and cURL 7.81.0
+ Set to a bitmask of CURLMIMEOPT_*
+ constants. Currently there is only one available option:
+ CURLMIMEOPT_FORMESCAPE.
+ Available as of PHP 8.3.0 and cURL 7.81.0.
@@ -1695,9 +1812,12 @@
- &true; to be completely silent with regards to
+ Set to &true; to be completely silent with regards to
the cURL functions.
- Removed as of cURL 7.15.5; use CURLOPT_RETURNTRANSFER instead.
+ Use CURLOPT_RETURNTRANSFER instead.
+ Available as of cURL 7.1.0, deprecated as of cURL 7.8.0
+ and last available in cURL 7.15.5.
+ Removed as of PHP 7.3.0.
@@ -1708,9 +1828,10 @@
- &true; to scan the ~/.netrc
+ Set to &true; to scan the ~/.netrc
file to find a username and password for the remote site that
a connection is being established with.
+ Available as of cURL 7.1.0.
@@ -1768,9 +1889,11 @@
- &true; to exclude the body from the output.
- Request method is then set to HEAD. Changing this to &false; does
- not change it to GET.
+ Set to &true; to exclude the body from the output.
+ For HTTP(S), cURL makes a HEAD request. For most other protocols,
+ cURL is not asking for the body data at all.
+ Changing this to &false; will result in body data being included in the output.
+ Available as of cURL 7.1.0.
@@ -1781,13 +1904,14 @@
- &true; to disable the progress meter for cURL transfers.
+ Set to &true; to disable the progress meter for cURL transfers.
PHP automatically sets this option to &true;, this should only be
changed for debugging purposes.
+ Available as of cURL 7.1.0.
@@ -1833,10 +1957,42 @@
- A callback accepting three parameters.
- The first is the cURL resource, the second is a
- string containing a password prompt, and the third is the maximum
- password length. Return the string containing the password.
+ A callable with the following signature:
+
+ stringcallback
+ resourcecurlHandle
+ stringpasswordPrompt
+ intmaximumPasswordLength
+
+
+
+ curlHandle
+
+
+ The cURL handle.
+
+
+
+
+ passwordPrompt
+
+
+ A password prompt.
+
+
+
+
+ maximumPasswordLength
+
+
+ The maximum length of the password.
+
+
+
+
+ The callback should return a string containing the password.
+ Available as of cURL 7.4.2, deprecated as of cURL 7.11.1
+ and last available in cURL 7.15.5.
Removed as of PHP 7.3.0.
@@ -1848,7 +2004,7 @@
- The password to use in authentication.
+ Set to a string with the password to use in authentication.
Available as of cURL 7.19.1.
@@ -1860,8 +2016,11 @@
- &true; to not handle dot dot sequences.
- Available as of PHP 7.0.7 and cURL 7.42.0
+ Set to &true; for cURL not alter URL paths before passing them on to the server.
+ Defaults to &false;, which squashes sequences of /../
+ or /./ that may exist in the URL's path part
+ which is supposed to be removed according to RFC 3986 section 5.2.4.
+ Available as of PHP 7.0.7 and cURL 7.42.0.
@@ -1872,12 +2031,12 @@
- Set the pinned public key.
- The string can be the file name of your pinned public key. The file
- format expected is "PEM" or "DER". The string can also be any
- number of base64 encoded sha256 hashes preceded by "sha256//" and
- separated by ";".
- Available as of PHP 7.0.7 and cURL 7.39.0
+ Set a string with the pinned public key.
+ The string can be the file name of the pinned public key
+ in a PEM or DER file format. The string can also be any
+ number of base64 encoded sha256 hashes preceded by sha256// and
+ separated by ;.
+ Available as of PHP 7.0.7 and cURL 7.39.0.
@@ -1888,8 +2047,10 @@
- &true; to wait for pipelining/multiplexing.
- Available as of PHP 7.0.7 and cURL 7.43.0
+ Set to &true; to wait for an existing connection to confirm
+ whether it can do multiplexing and use it if it can
+ before creating and using a new connection.
+ Available as of PHP 7.0.7 and cURL 7.43.0.
@@ -1900,7 +2061,9 @@
- An alternative port number to connect to.
+ An int with an alternative port number to connect to
+ instead of the one specified in the URL or the default port for the used protocol.
+ Available as of cURL 7.1.0.
@@ -1911,9 +2074,10 @@
- &true; to do a regular HTTP POST. This POST is the
- normal application/x-www-form-urlencoded kind,
- most commonly used by HTML forms.
+ Set to &true; to do a HTTP POST request.
+ This request uses the application/x-www-form-urlencoded header.
+ Defaults to &false;.
+ Available as of cURL 7.1.0.
@@ -1924,15 +2088,16 @@
- The full data to post in a HTTP "POST" operation.
+ The full data to post in a HTTP POST operation.
This parameter can either be
- passed as a urlencoded string like 'para1=val1¶2=val2&...'
- or as an array with the field name as key and field data as value.
- If value is an array, the
+ passed as a urlencoded string like 'para1=val1¶2=val2&...'
+ or as an array with the field name as key and field data as value.
+ If value is an array, the
Content-Type header will be set to
multipart/form-data.
Files can be sent using CURLFile or CURLStringFile,
- in which case value must be an array.
+ in which case value must be an array.
+ Available as of cURL 7.1.0.
@@ -1943,8 +2108,9 @@
- An array of FTP commands to execute on the server after the FTP
- request has been performed.
+ An array of FTP command strings
+ to execute on the server after the FTP request has been performed.
+ Available as of cURL 7.1.0.
@@ -1955,8 +2121,9 @@
- A bitmask of 1 (301 Moved Permanently), 2 (302 Found)
- and 4 (303 See Other) if the HTTP POST method should be maintained
+ Set to a bitmask of CURL_REDIR_POST_301,
+ CURL_REDIR_POST_302 and CURL_REDIR_POST_303
+ if the HTTP POST method should be maintained
when CURLOPT_FOLLOWLOCATION is set and a
specific type of redirect occurs.
Available as of cURL 7.19.1.
@@ -1971,18 +2138,18 @@
Set a string holding the host name or dotted numerical
- IP address to be used as the preproxy that curl connects to before
+ IP address to be used as the preproxy that cURL connects to before
it connects to the HTTP(S) proxy specified in the
CURLOPT_PROXY option for the upcoming request.
The preproxy can only be a SOCKS proxy and it should be prefixed with
[scheme]:// to specify which kind of socks is used.
A numerical IPv6 address must be written within [brackets].
- Setting the preproxy to an empty string explicitly disables the use of a preproxy.
- To specify port number in this string, append :[port]
+ Setting the preproxy to an empty string explicitly disables the use of a preproxy.
+ To specify port number in this string, append :[port]
to the end of the host name. The proxy's port number may optionally be
specified with the separate option CURLOPT_PROXYPORT.
Defaults to using port 1080 for proxies if a port is not specified.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2025,21 +2192,67 @@
- A callback accepting five parameters.
- The first is the cURL resource, the second is the total number of
- bytes expected to be downloaded in this transfer, the third is
- the number of bytes downloaded so far, the fourth is the total
- number of bytes expected to be uploaded in this transfer, and the
- fifth is the number of bytes uploaded so far.
+ A callable with the following signature:
+
+ intcallback
+ resourcecurlHandle
+ intbytesToDownload
+ intbytesDownloaded
+ intbytesToUpload
+ intbytesUploaded
+
+
+
+ curlHandle
+
+
+ The cURL handle.
+
+
+
+
+ bytesToDownload
+
+
+ The total number of bytes expected to be downloaded in this transfer.
+
+
+
+
+ bytesDownloaded
+
+
+ The number of bytes downloaded so far.
+
+
+
+
+ bytesToUpload
+
+
+ The total number of bytes expected to be uploaded in this transfer.
+
+
+
+
+ bytesUploaded
+
+
+ The number of bytes uploaded so far.
+
+
+
+
+ The callback should return an int with a non-zero value to abort the transfer
+ and set a CURLE_ABORTED_BY_CALLBACK error.
The callback is only called when the CURLOPT_NOPROGRESS
option is set to &false;.
- Return a non-zero value to abort the transfer. In which case, the
- transfer will set a CURLE_ABORTED_BY_CALLBACK
- error.
+ Available as of cURL 7.1.0 and deprecated as of cURL 7.32.0.
+ Use CURLOPT_XFERINFOFUNCTION instead.
@@ -2050,28 +2263,11 @@
- Bitmask of CURLPROTO_* values. If used, this bitmask
- limits what protocols libcurl may use in the transfer. This allows you to have
- a libcurl built to support a wide range of protocols but still limit specific
- transfers to only be allowed to use a subset of them. By default libcurl will
- accept all protocols it supports.
+ Bitmask of CURLPROTO_* values.
+ If used, this bitmask limits what protocols cURL may use in the transfer.
+ Defaults to CURLPROTO_ALL, ie. cURL will accept all protocols it supports.
See also CURLOPT_REDIR_PROTOCOLS.
- Valid protocol options are:
- CURLPROTO_HTTP,
- CURLPROTO_HTTPS,
- CURLPROTO_FTP,
- CURLPROTO_FTPS,
- CURLPROTO_SCP,
- CURLPROTO_SFTP,
- CURLPROTO_TELNET,
- CURLPROTO_LDAP,
- CURLPROTO_LDAPS,
- CURLPROTO_DICT,
- CURLPROTO_FILE,
- CURLPROTO_TFTP,
- CURLPROTO_MQTT,
- CURLPROTO_ALL
- Available as of cURL 7.19.4.
+ Available as of cURL 7.19.4 and deprecated as of cURL 7.85.0.
@@ -2082,7 +2278,46 @@
- Available as of PHP 8.3.0 and cURL 7.85.0
+ Set to a string with a comma separated list
+ of case insensitive protocol names (URL schemes) to allow in the transfer.
+ Set to ALL to enable all protocols.
+ By default, cURL accepts all protocols it was built with support for.
+ Available protocols are:
+
+ DICT
+ FILE
+ FTP
+ FTPS
+ GOPHER
+ GOPHERS
+ HTTP
+ HTTPS
+ IMAP
+ IMAPS
+ LDAP
+ LDAPS
+ MQTT
+ POP3
+ POP3S
+ RTMP
+ RTMPE
+ RTMPS
+ RTMPT
+ RTMPTE
+ RTMPTS
+ RTSP
+ SCP
+ SFTP
+ SMB
+ SMBS
+ SMTP
+ SMTPS
+ TELNET
+ TFTP
+ WS
+ WSS
+ .
+ Available as of PHP 8.3.0 and cURL 7.85.0.
@@ -2093,7 +2328,10 @@
- The HTTP proxy to tunnel requests through.
+ A string with the HTTP proxy to tunnel requests through.
+ This should be the hostname, the dotted numerical IP address
+ or a numerical IPv6 address written within [brackets].
+ Available as of cURL 7.1.0.
@@ -2104,11 +2342,12 @@
- The HTTP authentication method(s) to use for the proxy connection.
- Use the same bitmasks as described in
- CURLOPT_HTTPAUTH. For proxy authentication,
- only CURLAUTH_BASIC and
+ A bitmask of the HTTP authentication method(s)
+ (CURLAUTH_* constants)
+ to use for the proxy connection.
+ For proxy authentication, only CURLAUTH_BASIC and
CURLAUTH_NTLM are currently supported.
+ Defaults to CURLAUTH_BASIC.
Available as of cURL 7.10.7.
@@ -2120,8 +2359,8 @@
- An array of custom HTTP headers to pass to proxies.
- Available as of PHP 7.0.7 and cURL 7.37.0
+ An array of custom HTTP header strings to pass to proxies.
+ Available as of PHP 7.0.7 and cURL 7.37.0.
@@ -2144,8 +2383,11 @@
- The port number of the proxy to connect to. This port number can
- also be set in CURLOPT_PROXY.
+ An int with the port number of the proxy to connect to.
+ This port number can also be set in CURLOPT_PROXY.
+ Setting this to zero makes cURL use the default proxy port number
+ or the port number specified in the proxy URL string.
+ Available as of cURL 7.1.0.
@@ -2156,11 +2398,9 @@
- Either CURLPROXY_HTTP (default),
- CURLPROXY_SOCKS4,
- CURLPROXY_SOCKS5,
- CURLPROXY_SOCKS4A or
- CURLPROXY_SOCKS5_HOSTNAME.
+ Sets the type of the proxy to one of the
+ CURLPROXY_* constants.
+ Defaults to CURLPROXY_HTTP.
Available as of cURL 7.10.
@@ -2184,9 +2424,10 @@
- A username and password formatted as
- "[username]:[password]" to use for the
+ A string with a username and password formatted as
+ [username]:[password] to use for the
connection to the proxy.
+ Available as of cURL 7.1.0.
@@ -2201,9 +2442,9 @@
string naming a file holding one or more certificates to
verify the HTTPS proxy with.
This option is for connecting to an HTTPS proxy, not an HTTPS server.
- Defaults set to the system path where libcurl's cacert bundle is assumed
+ Defaults set to the system path where cURL's cacert bundle is assumed
to be stored.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2214,11 +2455,11 @@
- The name of a PEM file holding one or more certificates to verify the HTTPS proxy with.
+ A string with the name of a PEM file holding one or more certificates to verify the HTTPS proxy with.
This option is for connecting to an HTTPS proxy, not an HTTPS server.
- Defaults set to the system path where libcurl's cacert bundle is assumed
+ Defaults set to the system path where cURL's cacert bundle is assumed
to be stored.
- Available as of PHP 8.2.0 and cURL 7.77.0
+ Available as of PHP 8.2.0 and cURL 7.77.0.
@@ -2229,8 +2470,9 @@
- The directory holding multiple CA certificates to verify the HTTPS proxy with.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ A string with the directory holding multiple CA certificates
+ to verify the HTTPS proxy with.
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2241,10 +2483,11 @@
- Set the file name with the concatenation of CRL (Certificate Revocation List)
+ Set to a string with the file name
+ with the concatenation of CRL (Certificate Revocation List)
in PEM format to use in the certificate validation that occurs during
the SSL exchange.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2255,7 +2498,7 @@
- Proxy issuer SSL certificate filename.
+ Proxy issuer SSL certificate filename string.
Available as of PHP 8.1.0 and cURL 7.71.0.
@@ -2267,7 +2510,7 @@
- Proxy issuer SSL certificate from memory blob.
+ A string with the proxy issuer SSL certificate.
Available as of PHP 8.1.0 and cURL 7.71.0.
@@ -2279,11 +2522,12 @@
- Set the string be used as the password required to use the
- CURLOPT_PROXY_SSLKEY private key. You never needed a
- passphrase to load a certificate but you need one to load your private key.
+ Set the string be used as the password required to use the
+ CURLOPT_PROXY_SSLKEY private key.
+ A passphrase is not needed to load a certificate
+ but one is needed to load a private key.
This option is for connecting to an HTTPS proxy, not an HTTPS server.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2294,11 +2538,13 @@
- Set the pinned public key for HTTPS proxy. The string can be the file name
- of your pinned public key. The file format expected is "PEM" or "DER".
- The string can also be any number of base64 encoded sha256 hashes preceded by
- "sha256//" and separated by ";".
- Available as of PHP 7.3.0 and cURL 7.52.0
+ Set the pinned public key for HTTPS proxy.
+ The string can be the file name of the pinned public key
+ which is expected to be in a PEM
+ or DER file format.
+ The string can also be any number of base64 encoded sha256 hashes
+ preceded by sha256// and separated by ;.
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2309,7 +2555,7 @@
- The proxy authentication service name.
+ A string with the proxy authentication service name.
Available as of PHP 7.0.7, cURL 7.43.0 (for HTTP proxies) and cURL 7.49.0 (for SOCKS5 proxies).
@@ -2321,14 +2567,15 @@
- The file name of your client certificate used to connect to the HTTPS proxy.
- The default format is "P12" on Secure Transport and "PEM" on other engines,
+ A string with the file name of the client certificate used to connect to the HTTPS proxy.
+ The default format is P12 on Secure Transport and PEM on other engines,
and can be changed with CURLOPT_PROXY_SSLCERTTYPE.
With NSS or Secure Transport, this can also be the nickname of the certificate
- you wish to authenticate with as it is named in the security database.
- If you want to use a file from the current directory, please precede it with
- "./" prefix, in order to avoid confusion with a nickname.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ used for authentication as it is named in the security database.
+ If a file from the current directory is to be used,
+ it must be prefixed with ./
+ in order to avoid confusion with a nickname.
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2339,12 +2586,12 @@
- The format of your client certificate used when connecting to an HTTPS proxy.
- Supported formats are "PEM" and "DER", except with Secure Transport.
+ A string with the format of the client certificate used when connecting to an HTTPS proxy.
+ Supported formats are PEM and DER, except with Secure Transport.
OpenSSL (versions 0.9.3 and later) and Secure Transport
- (on iOS 5 or later, or OS X 10.7 or later) also support "P12" for
- PKCS#12-encoded files. Defaults to "PEM".
- Available as of PHP 7.3.0 and cURL 7.52.0
+ (on iOS 5 or later, or OS X 10.7 or later) also support P12 for
+ PKCS#12-encoded files. Defaults to PEM.
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2355,7 +2602,7 @@
- SSL proxy client certificate from memory blob.
+ A string with the SSL proxy client certificate.
Available as of PHP 8.1.0 and cURL 7.71.0.
@@ -2367,11 +2614,13 @@
- The file name of your private key used for connecting to the HTTPS proxy.
- The default format is "PEM" and can be changed with
+ A string with the file name of the private key
+ used for connecting to the HTTPS proxy.
+ The default format is PEM and can be changed with
CURLOPT_PROXY_SSLKEYTYPE.
- (iOS and Mac OS X only) This option is ignored if curl was built against Secure Transport. Available if built TLS enabled.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ (iOS and Mac OS X only) This option is ignored if cURL was built against
+ Secure Transport. Available if built with TLS enabled.
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2382,8 +2631,14 @@
- The format of your private key. Supported formats are "PEM", "DER" and "ENG".
- Available as of PHP 7.3.0 and cURL 7.52.0
+ A string with the format of the private key.
+ Supported formats are:
+
+ PEM
+ DER
+ ENG
+ .
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2394,7 +2649,7 @@
- Private key for proxy cert from memory blob.
+ A string with the private key for connecting to the HTTPS proxy.
Available as of PHP 8.1.0 and cURL 7.71.0.
@@ -2406,22 +2661,10 @@
- One of
-
- CURL_SSLVERSION_DEFAULT
- CURL_SSLVERSION_TLSv1
- CURL_SSLVERSION_TLSv1_0
- CURL_SSLVERSION_TLSv1_1
- CURL_SSLVERSION_TLSv1_2
- CURL_SSLVERSION_TLSv1_3
- CURL_SSLVERSION_MAX_DEFAULT
- CURL_SSLVERSION_MAX_TLSv1_0
- CURL_SSLVERSION_MAX_TLSv1_1
- CURL_SSLVERSION_MAX_TLSv1_2
- CURL_SSLVERSION_MAX_TLSv1_3
- CURL_SSLVERSION_SSLv3
-
- .
+ Set the preferred HTTPS proxy TLS version to one of the
+ CURL_SSLVERSION_*
+ constants.
+ Defaults to CURL_SSLVERSION_DEFAULT.
It is better to not set this option and leave the default
@@ -2429,7 +2672,7 @@
which will attempt to figure out the remote SSL protocol version.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2440,11 +2683,12 @@
- The list of ciphers to use for the connection to the HTTPS proxy.
- The list must be syntactically correct, it consists of one or more cipher
- strings separated by colons. Commas or spaces are also acceptable separators
- but colons are normally used, !, - and + can be used as operators.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ A string with a colon-separated list of ciphers
+ to use for the connection to the HTTPS proxy.
+ When used with OpenSSL commas and spaces are also acceptable as separators,
+ and !, - and +
+ can be used as operators.
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2455,13 +2699,9 @@
- Set proxy SSL behavior options, which is a bitmask of the following constants:
-
- CURLSSLOPT_ALLOW_BEAST
- CURLSSLOPT_NO_REVOKE
- CURLSSLOPT_NO_PARTIALCHAIN
-
- Available as of PHP 7.3.0 and cURL 7.52.0
+ Set proxy SSL behavior options, which is a bitmask of the
+ CURLSSLOPT_* constants.
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2475,11 +2715,12 @@
Set to 2 to verify in the HTTPS proxy's certificate name fields against the proxy name.
When set to 0 the connection succeeds regardless of the names used in the certificate.
Use that ability with caution!
- 1 treated as a debug option in curl 7.28.0 and earlier.
- From curl 7.28.1 to 7.65.3 CURLE_BAD_FUNCTION_ARGUMENT is returned.
- From curl 7.66.0 onwards 1 and 2 is treated as the same value.
- In production environments the value of this option should be kept at 2 (default value).
- Available as of PHP 7.3.0 and cURL 7.52.0
+ Set to 1 in cURL 7.28.0 and earlier as a debug option.
+ Set to 1 in cURL 7.28.1 to 7.65.3 CURLE_BAD_FUNCTION_ARGUMENT is returned.
+ As of cURL 7.66.0 1 and 2 is treated as the same value.
+ Defaults to 2.
+ In production environments the value of this option should be kept at 2.
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2490,13 +2731,14 @@
- &false; to stop cURL from verifying the peer's certificate.
+ Set to &false; to stop cURL from verifying the peer's certificate.
Alternate certificates to verify against can be
specified with the CURLOPT_CAINFO option
or a certificate directory can be specified with the
CURLOPT_CAPATH option.
- When set to false, the peer certificate verification succeeds regardless. &true; by default.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ When set to &false;, the peer certificate verification succeeds regardless.
+ &true; by default.
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2507,13 +2749,11 @@
- The list of cipher suites to use for the TLS 1.3 connection to a proxy.
- The list must be syntactically correct, it consists of one or more
- cipher suite strings separated by colons. This option is currently used
- only when curl is built to use OpenSSL 1.1.1 or later.
- If you are using a different SSL backend you can try setting
- TLS 1.3 cipher suites by using the CURLOPT_PROXY_SSL_CIPHER_LIST option. Available when built with OpenSSL >= 1.1.1.
- Available as of PHP 7.3.0 and cURL 7.61.0
+ A string with a colon-separated list of ciphers to use for the connection to the TLS 1.3 connection to a proxy.
+ This option is currently used only when cURL is built to use OpenSSL 1.1.1 or later.
+ When using a different SSL backend the TLS 1.3 cipher suites can be set
+ with the CURLOPT_PROXY_SSL_CIPHER_LIST option.
+ Available as of PHP 7.3.0 and cURL 7.61.0.
@@ -2524,10 +2764,10 @@
- The password to use for the TLS authentication method specified with the
+ A string with the password to use for the TLS authentication method specified with the
CURLOPT_PROXY_TLSAUTH_TYPE option. Requires that the
CURLOPT_PROXY_TLSAUTH_USERNAME option to also be set.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2539,16 +2779,16 @@
The method of the TLS authentication used for the HTTPS connection.
- Supported method is "SRP".
+ Supported method is SRP.
Secure Remote Password (SRP) authentication for TLS provides mutual authentication
- if both sides have a shared secret. To use TLS-SRP, you must also set the
+ if both sides have a shared secret. To use TLS-SRP, the
CURLOPT_PROXY_TLSAUTH_USERNAME and
- CURLOPT_PROXY_TLSAUTH_PASSWORD options.
+ CURLOPT_PROXY_TLSAUTH_PASSWORD options must also be set.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2562,7 +2802,7 @@
The username to use for the HTTPS proxy TLS authentication method specified with the
CURLOPT_PROXY_TLSAUTH_TYPE option. Requires that the
CURLOPT_PROXY_TLSAUTH_PASSWORD option to also be set.
- Available as of PHP 7.3.0 and cURL 7.52.0
+ Available as of PHP 7.3.0 and cURL 7.52.0.
@@ -2592,8 +2832,9 @@
&true; to HTTP PUT a file. The file to PUT must
- be set with CURLOPT_INFILE and
+ be set with CURLOPT_READDATA and
CURLOPT_INFILESIZE.
+ Available as of cURL 7.1.0 and deprecated as of cURL 7.12.1.
@@ -2604,7 +2845,11 @@
- Available as of PHP 8.3.0 and cURL 7.87.0
+ Set to &true; for cURL to skip cleanup of resources
+ when recovering from a timeout.
+ This allows for a swift termination of the cURL process
+ at the expense of a possible leak of associated resources.
+ Available as of PHP 8.3.0 and cURL 7.87.0.
@@ -2615,8 +2860,8 @@
- An array of FTP commands to execute on the server prior to the FTP
- request.
+ An array of FTP command strings to execute on the server prior to the FTP request.
+ Available as of cURL 7.1.0.
@@ -2627,7 +2872,8 @@
- A filename to be used to seed the random number generator for SSL.
+ A string with a filename to be used to seed the random number generator for SSL.
+ Available as of cURL 7.7.0 and deprecated as of cURL 7.84.0.
@@ -2638,10 +2884,11 @@
- Range(s) of data to retrieve in the format
- "X-Y" where X or Y are optional. HTTP transfers
+ A string with the range(s) of data to retrieve in the format X-Y where X or Y are optional. HTTP transfers
also support several intervals, separated with commas in the format
- "X-Y,N-M".
+ X-Y,N-M.
+ Set to &null; to disable requesting a byte range.
+ Available as of cURL 7.1.0.
@@ -2665,14 +2912,45 @@
- A callback accepting three parameters.
- The first is the cURL resource, the second is a
- stream resource provided to cURL through the option
- CURLOPT_INFILE, and the third is the maximum
- amount of data to be read. The callback must return a string
+ A callable with the following signature:
+
+ stringcallback
+ resourcecurlHandle
+ resourcestreamResource
+ intmaxAmountOfDataToRead
+
+
+
+ curlHandle
+
+
+ The cURL handle.
+
+
+
+
+ streamResource
+
+
+ Stream resource provided to cURL through the option
+ CURLOPT_READDATA.
+
+
+
+
+ maxAmountOfDataToRead
+
+
+ The maximum amount of data to be read.
+
+
+
+
+ The callback should return a string
with a length equal or smaller than the amount of data requested,
- typically by reading it from the passed stream resource. It should
- return an empty string to signal EOF.
+ typically by reading it from the passed stream resource. It should
+ return an empty string to signal EOF.
+ Available as of cURL 7.1.0.
@@ -2683,15 +2961,16 @@
- Bitmask of CURLPROTO_* values. If used, this bitmask
- limits what protocols libcurl may use in a transfer that it follows to in
+ Bitmask of CURLPROTO_* values
+ which limit what protocols cURL may use in a transfer that it follows to in
a redirect when CURLOPT_FOLLOWLOCATION is enabled.
- This allows you to limit specific transfers to only be allowed to use a subset
- of protocols in redirections. By default libcurl will allow all protocols
- except for FILE and SCP. This is a difference compared to pre-7.19.4 versions
- which unconditionally would follow to all protocols supported.
+ This allows limiting specific transfers to only be allowed to use a subset
+ of protocols in redirections.
+ As of cURL 7.19.4, by default cURL will allow all protocols
+ except for FILE and SCP.
+ Prior to cURL 7.19.4, cURL would unconditionally follow to all supported protocols.
See also CURLOPT_PROTOCOLS for protocol constant values.
- Available as of cURL 7.19.4.
+ Available as of cURL 7.19.4 and deprecated as of cURL 7.85.0.
@@ -2702,6 +2981,53 @@
+ Set to a string with a comma separated list
+ of case insensitive protocol names (URL schemes)
+ to allow to follow to in a redirect when
+ CURLOPT_FOLLOWLOCATION is enabled.
+ Set to ALL to enable all protocols.
+ As of cURL 7.65.2 it defaults to FTP,
+ FTPS, HTTP and HTTPS.
+ From cURL 7.40.0 to 7.65.1, this defaults to all protocols except
+ FILE, SCP, SMB and
+ SMBS.
+ Prior to cURL 7.40.0, this defaults to all protocols except
+ FILE and SCP.
+ Available protocols are:
+
+ DICT
+ FILE
+ FTP
+ FTPS
+ GOPHER
+ GOPHERS
+ HTTP
+ HTTPS
+ IMAP
+ IMAPS
+ LDAP
+ LDAPS
+ MQTT
+ POP3
+ POP3S
+ RTMP
+ RTMPE
+ RTMPS
+ RTMPT
+ RTMPTE
+ RTMPTS
+ RTSP
+ SCP
+ SFTP
+ SMB
+ SMBS
+ SMTP
+ SMTPS
+ TELNET
+ TFTP
+ WS
+ WSS
+ .
Available as of PHP 8.3.0 and cURL 7.85.0.
@@ -2713,8 +3039,9 @@
- The contents of the "Referer: " header to be used
- in a HTTP request.
+ A string with the contents of the Referer:
+ header to be used in a HTTP request.
+ Available as of cURL 7.1.0.
@@ -2725,6 +3052,8 @@
+ A string to use in the upcoming request
+ instead of the path as extracted from the URL.
Available as of PHP 7.3.0 and cURL 7.55.0.
@@ -2736,11 +3065,13 @@
- Provide a custom address for a specific host and port pair. An array
- of hostname, port, and IP address strings, each element separated by
- a colon. In the format:
+ Provide an array of colon-separated strings
+ with custom addresses for specific host and port pairs in the following format:
- array("example.com:80:127.0.0.1")
+ array(
+ "example.com:80:127.0.0.1",
+ "example2.com:443:127.0.0.2",
+ )
Available as of cURL 7.21.3.
@@ -2754,6 +3085,8 @@
The offset, in bytes, to resume a transfer from.
+ This option accepts any value that can be cast to a valid int.
+ Available as of cURL 7.1.0.
@@ -2764,7 +3097,7 @@
- &true; to return the transfer as a string of the
+ &true; to return the transfer as a string of the
return value of curl_exec instead of outputting
it directly.
@@ -2884,11 +3217,11 @@
- The authorization identity (authzid) for the transfer. Only applicable to the PLAIN SASL
+ The authorization identity (authzid) string for the transfer. Only applicable to the PLAIN SASL
authentication mechanism where it is optional. When not specified, only the authentication identity
(authcid) as specified by the username will be sent to the server, along with the password.
The server will derive the authzid from the authcid when not provided, which it will then use internally.
- Available as of PHP 8.2.0 and cURL 7.66.0
+ Available as of PHP 8.2.0 and cURL 7.66.0.
@@ -2900,7 +3233,7 @@
&true; to enable sending the initial response in the first packet.
- Available as of PHP 7.0.7 and cURL 7.31.0
+ Available as of PHP 7.0.7 and cURL 7.31.0.
@@ -2911,8 +3244,8 @@
- The authentication service name.
- Available as of PHP 7.0.7 and cURL 7.43.0
+ A string with the authentication service name.
+ Available as of PHP 7.0.7 and cURL 7.43.0.
@@ -2925,6 +3258,7 @@
A result of curl_share_init. Makes the cURL
handle to use the data from the shared handle.
+ Available as of cURL 7.10.
@@ -2936,18 +3270,16 @@
The SOCKS5 authentication method(s) to use. The options are:
- CURLAUTH_BASIC,
- CURLAUTH_GSSAPI,
- CURLAUTH_NONE.
- The bitwise | (or) operator can be used to combine
- more than one method. If this is done, cURL will poll the server to see
+
+ CURLAUTH_BASIC
+ CURLAUTH_GSSAPI
+ CURLAUTH_NONE
+ .
+ When more than one method is set, cURL will poll the server to see
what methods it supports and pick the best one.
- CURLAUTH_BASIC allows username/password authentication.
- CURLAUTH_GSSAPI allows GSS-API authentication.
- CURLAUTH_NONE allows no authentication.
Defaults to CURLAUTH_BASIC|CURLAUTH_GSSAPI.
Set the actual username and password with the CURLOPT_PROXYUSERPWD option.
- Available as of PHP 7.3.0 and cURL 7.55.0
+ Available as of PHP 7.3.0 and cURL 7.55.0.
@@ -2986,12 +3318,16 @@
- A bitmask consisting of one or more of
- CURLSSH_AUTH_PUBLICKEY,
- CURLSSH_AUTH_PASSWORD,
- CURLSSH_AUTH_HOST,
- CURLSSH_AUTH_KEYBOARD. Set to
- CURLSSH_AUTH_ANY to let libcurl pick one.
+ A bitmask consisting of one or more of the following constants:
+
+ CURLSSH_AUTH_PUBLICKEY
+ CURLSSH_AUTH_PASSWORD
+ CURLSSH_AUTH_HOST
+ CURLSSH_AUTH_KEYBOARD
+ CURLSSH_AUTH_AGENT
+ CURLSSH_AUTH_ANY
+ .
+ Defaults to CURLSSH_AUTH_ANY.
Available as of cURL 7.16.1.
@@ -3003,9 +3339,10 @@
- &true; to enable built-in SSH compression. This is a request, not an order;
- the server may or may not do it.
- Available as of PHP 7.3.0 and cURL 7.56.0
+ &true; to enable, &false; to disable built-in SSH compression.
+ Note that the server can disregard this request.
+ Defaults to &false;.
+ Available as of PHP 7.3.0 and cURL 7.56.0.
@@ -3016,7 +3353,51 @@
- Available as of PHP 8.3.0 and cURL 7.84.0
+ A callable that will be called when SSH host key verification is needed.
+ The callback must have the following signature:
+
+ intcallback
+ resourcecurlHandle
+ intkeyType
+ stringkey
+ intkeyLength
+
+
+
+ curlHandle
+
+
+ The cURL handle.
+
+
+
+
+ keyType
+
+
+ One of the CURLKHTYPE_* key types.
+
+
+
+
+ key
+
+
+ The key to check.
+
+
+
+
+ keyLength
+
+
+ The length of the key in bytes.
+
+
+
+
+ This callback overrides CURLOPT_SSH_KNOWNHOSTS.
+ Available as of PHP 8.3.0 and cURL 7.84.0.
@@ -3027,8 +3408,8 @@
- A string containing 32 hexadecimal digits. The string should be the
- MD5 checksum of the remote host's public key, and libcurl will reject
+ A string containing 32 hexadecimal digits which should contain the
+ MD5 checksum of the remote host's public key, and cURL will reject
the connection to the host unless the md5sums match.
This option is only for SCP and SFTP transfers.
Available as of cURL 7.17.1.
@@ -3042,9 +3423,10 @@
- Base64-encoded SHA256 hash of the remote host's public key.
+ A string with the base64-encoded SHA256 hash
+ of the remote host's public key.
The transfer will fail if the given hash does not match the hash the remote host provides.
- Available as of PHP 8.2.0 and cURL 7.80.0
+ Available as of PHP 8.2.0 and cURL 7.80.0.
@@ -3068,9 +3450,9 @@
- The file name for your private key. If not used, libcurl defaults to
- $HOME/.ssh/id_dsa if the HOME environment variable is set,
- and just "id_dsa" in the current directory if HOME is not set.
+ The file name for a private key. If not used, cURL defaults to
+ $HOME/.ssh/id_dsa if the HOME environment variable is set,
+ and just id_dsa in the current directory if HOME is not set.
If the file is password-protected, set the password with
CURLOPT_KEYPASSWD.
Available as of cURL 7.16.1.
@@ -3084,9 +3466,9 @@
- The file name for your public key. If not used, libcurl defaults to
- $HOME/.ssh/id_dsa.pub if the HOME environment variable is set,
- and just "id_dsa.pub" in the current directory if HOME is not set.
+ The file name for a public key. If not used, cURL defaults to
+ $HOME/.ssh/id_dsa.pub if the HOME environment variable is set,
+ and just id_dsa.pub in the current directory if HOME is not set.
Available as of cURL 7.16.1.
@@ -3099,6 +3481,7 @@
The name of a file containing a PEM formatted certificate.
+ Available as of cURL 7.1.0.
@@ -3111,6 +3494,7 @@
The password required to use the
CURLOPT_SSLCERT certificate.
+ Available as of cURL 7.1.0 and deprecated as of cURL 7.17.0.
@@ -3121,11 +3505,15 @@
- The format of the certificate. Supported formats are
- "PEM" (default), "DER",
- and "ENG".
- As of OpenSSL 0.9.3, "P12" (for PKCS#12-encoded files)
- is also supported.
+ A string with the format of the certificate. Supported formats are:
+
+ PEM
+ DER
+ ENG
+ P12
+ .
+ P12 (for PKCS#12-encoded files) is available as of OpenSSL 0.9.3.
+ Defaults to PEM.
Available as of cURL 7.9.3.
@@ -3137,7 +3525,7 @@
- SSL client certificate from memory blob.
+ A string with the SSL client certificate.
Available as of PHP 8.1.0 and cURL 7.71.0.
@@ -3149,8 +3537,9 @@
- The identifier for the crypto engine of the private SSL key
+ The string identifier for the crypto engine of the private SSL key
specified in CURLOPT_SSLKEY.
+ Available as of cURL 7.9.3.
@@ -3161,8 +3550,9 @@
- The identifier for the crypto engine used for asymmetric crypto
+ The string identifier for the crypto engine used for asymmetric crypto
operations.
+ Available as of cURL 7.9.3.
@@ -3174,6 +3564,7 @@
The name of a file containing a private SSL key.
+ Available as of cURL 7.9.3.
@@ -3192,6 +3583,7 @@
the PHP script it is contained within safe.
+ Available as of cURL 7.9.3 and deprecated as of cURL 7.17.0.
@@ -3203,9 +3595,14 @@
The key type of the private SSL key specified in
- CURLOPT_SSLKEY. Supported key types are
- "PEM" (default), "DER",
- and "ENG".
+ CURLOPT_SSLKEY. Supported key types are:
+
+ PEM
+ DER
+ ENG
+ .
+ Defaults to PEM.
+ Available as of cURL 7.9.3.
@@ -3216,7 +3613,7 @@
- Private key for client cert from memory blob.
+ A string private key for client cert.
Available as of PHP 8.1.0 and cURL 7.71.0.
@@ -3229,33 +3626,7 @@
One of
-
- CURL_SSLVERSION_DEFAULT
- CURL_SSLVERSION_TLSv1
- CURL_SSLVERSION_SSLv2
- CURL_SSLVERSION_SSLv3
- CURL_SSLVERSION_TLSv1_0
- CURL_SSLVERSION_TLSv1_1
- CURL_SSLVERSION_TLSv1_2
- CURL_SSLVERSION_TLSv1_3
-
- .
- The maximum TLS version can be set by using one of the
- CURL_SSLVERSION_MAX_*
- constants.
- It is also possible to bitwise OR one of the
- CURL_SSLVERSION_*
- constants with one of the
- CURL_SSLVERSION_MAX_*.
-
-
- CURL_SSLVERSION_MAX_DEFAULT (the maximum version supported by the library)
- CURL_SSLVERSION_MAX_TLSv1_0
- CURL_SSLVERSION_MAX_TLSv1_1
- CURL_SSLVERSION_MAX_TLSv1_2
- CURL_SSLVERSION_MAX_TLSv1_3
-
- .
+ the CURL_SSLVERSION_* constants.
It is better to not set this option and leave the defaults.
@@ -3267,6 +3638,8 @@
vulnerabilities in SSLv2 and SSLv3.
+ Defaults to CURL_SSLVERSION_DEFAULT.
+ Available as of cURL 7.1.0.
@@ -3277,9 +3650,9 @@
- A list of ciphers to use for SSL. For example,
- RC4-SHA and TLSv1 are valid
- cipher lists.
+ A colon-separated string of ciphers to use
+ for the TLS 1.2 (1.1, 1.0) connection.
+ Available as of cURL 7.9.
@@ -3294,7 +3667,7 @@
X25519:P-521 is a valid list of two elliptic curves.
This option defines the client's key exchange algorithms in the SSL handshake,
if the SSL backend cURL is built to use supports it.
- Available as of PHP 8.2.0 and cURL 7.73.0
+ Available as of PHP 8.2.0 and cURL 7.73.0.
@@ -3306,9 +3679,9 @@
&false; to disable ALPN in the SSL handshake (if the SSL backend
- libcurl is built to use supports it), which can be used to
+ cURL is built to use supports it), which can be used to
negotiate http2.
- Available as of PHP 7.0.7 and cURL 7.36.0
+ Available as of PHP 7.0.7 and cURL 7.36.0.
@@ -3320,9 +3693,9 @@
&false; to disable NPN in the SSL handshake (if the SSL backend
- libcurl is built to use supports it), which can be used to
+ cURL is built to use supports it), which can be used to
negotiate http2.
- Available as of PHP 7.0.7 and cURL 7.36.0
+ Available as of PHP 7.0.7 and cURL 7.36.0, and deprecated as of cURL 7.86.0.
@@ -3333,8 +3706,10 @@
- &true; to enable TLS false start.
- Available as of PHP 7.0.7 and cURL 7.42.0
+ &true; to enable and &false; to disable TLS false start
+ which is a mode where a TLS client starts sending application data
+ before verifying the server's Finished message.
+ Available as of PHP 7.0.7 and cURL 7.42.0.
@@ -3345,16 +3720,10 @@
- Set SSL behavior options, which is a bitmask of the following constants:
-
- CURLSSLOPT_ALLOW_BEAST
- CURLSSLOPT_NO_REVOKE
- CURLSSLOPT_AUTO_CLIENT_CERT
- CURLSSLOPT_NATIVE_CA
- CURLSSLOPT_NO_PARTIALCHAIN
- CURLSSLOPT_REVOKE_BEST_EFFORT
-
- Available as of PHP 7.0.7. and cURL 7.25.0
+ Set SSL behavior options, which is a bitmask of the
+ CURLSSLOPT_* constants.
+ Defaults to none of the bits being set.
+ Available as of PHP 7.0.7. and cURL 7.25.0.
@@ -3385,6 +3754,7 @@
1 should not be used.
In production environments the value of this option
should be kept at 2 (default value). Support for value 1 removed in cURL 7.28.1.
+ Available as of cURL 7.8.1.
@@ -3399,8 +3769,10 @@
certificate. Alternate certificates to verify against can be
specified with the CURLOPT_CAINFO option
or a certificate directory can be specified with the
- CURLOPT_CAPATH option. &true; by default as of cURL 7.10. Default bundle installed as of
- cURL 7.10.
+ CURLOPT_CAPATH option.
+ Defaults to &true; as of cURL 7.10.
+ Default bundle of CA certificates installed as of cURL 7.10.
+ Available as of cURL 7.4.2.
@@ -3411,8 +3783,8 @@
- &true; to verify the certificate's status.
- Available as of PHP 7.0.7 and cURL 7.41.0
+ &true; to enable and &false; to disable verification of the certificate's status.
+ Available as of PHP 7.0.7 and cURL 7.41.0.
@@ -3423,8 +3795,10 @@
- An alternative location to output errors to instead of
+ Accepts a file handle resource pointing to
+ an alternative location to output errors to instead of
STDERR.
+ Available as of cURL 7.1.0.
@@ -3435,8 +3809,8 @@
- Set the numerical stream weight (a number between 1 and 256).
- Available as of PHP 7.0.7 and cURL 7.46.0
+ Set the numerical stream weight (a number between 1 and 256).
+ Available as of PHP 7.0.7 and cURL 7.46.0.
@@ -3450,7 +3824,8 @@
&true; to suppress proxy CONNECT response headers from the user callback functions
CURLOPT_HEADERFUNCTION and CURLOPT_WRITEFUNCTION,
when CURLOPT_HTTPPROXYTUNNEL is used and a CONNECT request is made.
- Available as of PHP 7.3.0 and cURL 7.54.0
+ Defaults to &false;.
+ Available as of PHP 7.3.0 and cURL 7.54.0.
@@ -3461,8 +3836,8 @@
- &true; to enable TCP Fast Open.
- Available as of PHP 7.0.7 and cURL 7.49.0
+ &true; to enable and &false; to disable TCP Fast Open.
+ Available as of PHP 7.0.7 and cURL 7.49.0.
@@ -3477,7 +3852,7 @@
frequency of these probes can be controlled by the CURLOPT_TCP_KEEPIDLE
and CURLOPT_TCP_KEEPINTVL options, provided the operating system
supports them. If set to 0 (default) keepalive probes are disabled.
- Available as of cURL 7.25.0
+ Available as of cURL 7.25.0.
@@ -3492,7 +3867,7 @@
idle before sending keepalive probes, if CURLOPT_TCP_KEEPALIVE is
enabled. Not all operating systems support this option.
The default is 60.
- Available as of cURL 7.25.0
+ Available as of cURL 7.25.0.
@@ -3507,7 +3882,7 @@
keepalive probes, if CURLOPT_TCP_KEEPALIVE is enabled.
Not all operating systems support this option.
The default is 60.
- Available as of cURL 7.25.0
+ Available as of cURL 7.25.0.
@@ -3520,6 +3895,7 @@
&true; to disable TCP's Nagle algorithm, which tries to minimize
the number of small packets on the network.
+ Defaults to &true;.
Available as of cURL 7.11.2.
@@ -3535,7 +3911,7 @@
The variables should be in the format >option=value<.
cURL supports the options TTYPE,
XDISPLOC and NEW_ENV.
- Available as of cURL 7.7.
+ Available as of cURL 7.7.0.
@@ -3565,7 +3941,8 @@
&true; to not send TFTP options requests.
- Available as of PHP 7.0.7 and cURL 7.48.0
+ Defaults to &false;.
+ Available as of PHP 7.0.7 and cURL 7.48.0.
@@ -3576,17 +3953,19 @@
- How CURLOPT_TIMEVALUE is treated.
+ Set how CURLOPT_TIMEVALUE is treated.
Use CURL_TIMECOND_IFMODSINCE to return the
page only if it has been modified since the time specified in
CURLOPT_TIMEVALUE. If it hasn't been modified,
- a "304 Not Modified" header will be returned
+ a 304 Not Modified header will be returned
assuming CURLOPT_HEADER is &true;.
Use CURL_TIMECOND_IFUNMODSINCE for the reverse
effect. Use CURL_TIMECOND_NONE to ignore
CURLOPT_TIMEVALUE and always return the page.
- CURL_TIMECOND_NONE is the default. Before cURL 7.46.0 the default was
+ CURL_TIMECOND_NONE is the default.
+ Prior to cURL 7.46.0 the default was
CURL_TIMECOND_IFMODSINCE.
+ Available as of cURL 7.1.0.
@@ -3598,6 +3977,8 @@
The maximum number of seconds to allow cURL functions to execute.
+ Defaults to 0, meaning that functions never time out during transfer.
+ Available as of cURL 7.1.0.
@@ -3610,10 +3991,10 @@
The maximum number of milliseconds to allow cURL functions to
execute.
-
- If libcurl is built to use the standard system name resolver, that
+ If cURL is built to use the standard system name resolver, that
portion of the connect will still use full-second resolution for
timeouts with a minimum timeout allowed of one second.
+ Defaults to 0, meaning that functions never time out during transfer.
Available as of cURL 7.16.2.
@@ -3627,6 +4008,8 @@
The time in seconds since January 1st, 1970. The time will be used
by CURLOPT_TIMECONDITION.
+ Defaults to 0.
+ Available as of cURL 7.1.0.
@@ -3642,7 +4025,7 @@
The difference between this option and CURLOPT_TIMEVALUE
is the type of the argument. On systems where 'long' is only 32 bit wide,
this option has to be used to set dates beyond the year 2038.
- Available as of PHP 7.3.0 and cURL 7.59.0
+ Available as of PHP 7.3.0 and cURL 7.59.0.
@@ -3653,12 +4036,12 @@
- The list of cipher suites to use for the TLS 1.3 connection. The list must be
- syntactically correct, it consists of one or more cipher suite strings separated by colons.
- This option is currently used only when curl is built to use OpenSSL 1.1.1 or later.
- If you are using a different SSL backend you can try setting
- TLS 1.3 cipher suites by using the CURLOPT_SSL_CIPHER_LIST option. Available when built with OpenSSL >= 1.1.1.
- Available as of PHP 7.3.0 and cURL 7.61.0
+ A string with a colon-separated list of ciphers
+ to use for the connection to the TLS 1.3 connection.
+ This option is currently used only when cURL is built to use OpenSSL 1.1.1 or later.
+ When using a different SSL backend the TLS 1.3 cipher suites can be set
+ with the CURLOPT_SSL_CIPHER_LIST option.
+ Available as of PHP 7.3.0 and cURL 7.61.0.
@@ -3735,6 +4118,8 @@
For LDAP, it retrieves data in plain text instead of HTML. On
Windows systems, it will not set STDOUT to binary
mode.
+ Defaults to &false;.
+ Available as of cURL 7.1.1.
@@ -3747,7 +4132,9 @@
Enables the use of Unix domain sockets as connection endpoint and
sets the path to the given string.
- Available as of PHP 7.0.7 and cURL 7.40.0
+ Set to &null; to disable.
+ Defaults to &null;.
+ Available as of PHP 7.0.7 and cURL 7.40.0.
@@ -3762,6 +4149,8 @@
when following locations (using
CURLOPT_FOLLOWLOCATION), even when the
hostname has changed.
+ Defaults to &false;.
+ Available as of cURL 7.10.4.
@@ -3776,8 +4165,9 @@
on existing connections in order to keep them alive. This option defines the connection upkeep interval.
Currently, the only protocol with a connection upkeep mechanism is HTTP/2. When the connection upkeep
interval is exceeded, an HTTP/2 PING frame is sent on the connection.
- Default is 60 seconds.
- Available as of PHP 8.2.0 and cURL 7.62.0
+ Defaults to CURL_UPKEEP_INTERVAL_DEFAULT
+ which is currently 60 seconds.
+ Available as of PHP 8.2.0 and cURL 7.62.0.
@@ -3788,7 +4178,9 @@
- &true; to prepare for an upload.
+ &true; to prepare for and perform an upload.
+ Defaults to &false;.
+ Available as of cURL 7.1.0.
@@ -3802,7 +4194,7 @@
Preferred buffer size in bytes for the cURL upload buffer.
The upload buffer size by default is 64 kilobytes. The maximum buffer size allowed to be set is 2 megabytes.
The minimum buffer size allowed to be set is 16 kilobytes.
- Available as of PHP 8.2.0 and cURL 7.62.0
+ Available as of PHP 8.2.0 and cURL 7.62.0.
@@ -3815,6 +4207,7 @@
The URL to fetch. This can also be set when initializing a
session with curl_init.
+ Available as of cURL 7.1.0.
@@ -3829,11 +4222,8 @@
when using FTP, SMTP, POP3, IMAP, etc.
These are all protocols that start out plain text
and get "upgraded" to SSL using the STARTTLS command.
- Set to one of the following:
- CURLUSESSL_NONE,
- CURLUSESSL_TRY,
- CURLUSESSL_CONTROL or
- CURLUSESSL_ALL.
+ Set to one of the
+ CURLUSESSL_* constants.
Available as of cURL 7.17.0.
@@ -3845,8 +4235,9 @@
- The contents of the "User-Agent: " header to be
+ The contents of the User-Agent: header to be
used in a HTTP request.
+ Available as of cURL 7.1.0.
@@ -3858,7 +4249,7 @@
The user name to use in authentication.
- Available as of cURL 7.19.1
+ Available as of cURL 7.19.1.
@@ -3870,8 +4261,9 @@
A username and password formatted as
- "[username]:[password]" to use for the
+ [username]:[password] to use for the
connection.
+ Available as cURL 7.1.0.
@@ -3885,6 +4277,8 @@
&true; to output verbose information. Writes
output to STDERR, or the file specified using
CURLOPT_STDERR.
+ Defaults to &false;.
+ Available as of cURL 7.1.0.
@@ -3912,11 +4306,34 @@
- A callback accepting two parameters.
- The first is the cURL resource, and the second is a
- string with the data to be written. The data must be saved by
- this callback. It must return the exact number of bytes written
+ A callable with the following signature:
+
+ intcallback
+ resourcecurlHandle
+ stringdata
+
+
+
+ curlHandle
+
+
+ The cURL handle.
+
+
+
+
+ data
+
+
+ The data to be written.
+
+
+
+
+ The data must be saved by the callback
+ and the callback must return the exact number of bytes written
or the transfer will be aborted with an error.
+ Available as of cURL 7.1.0.
@@ -3927,7 +4344,8 @@
- The file that the header part of the transfer is written to.
+ Accepts a file handle resource to the file that the header part of the transfer is written to.
+ Available as of cURL 7.1.0.
@@ -3938,7 +4356,10 @@
- Available as of PHP 8.3.0 and cURL 7.86.0
+ Accepts a bitmask setting WebSocket behavior options.
+ The only available option is CURLWS_RAW_MODE.
+ Defaults to 0.
+ Available as of PHP 8.3.0 and cURL 7.86.0.
@@ -3949,9 +4370,59 @@
- A callback accepting two parameters.
- Has a similar purpose as CURLOPT_PROGRESSFUNCTION but is more modern
- and the preferred option from cURL.
+ A callable with the following signature:
+
+ intcallback
+ resourcecurlHandle
+ intbytesToDownload
+ intbytesDownloaded
+ intbytesToUpload
+ intbytesUploaded
+
+
+
+ curlHandle
+
+
+ The cURL handle.
+
+
+
+
+ bytesToDownload
+
+
+ The total number of bytes expected to be downloaded in this transfer.
+
+
+
+
+ bytesDownloaded
+
+
+ The number of bytes downloaded so far.
+
+
+
+
+ bytesToUpload
+
+
+ The total number of bytes expected to be uploaded in this transfer.
+
+
+
+
+ bytesUploaded
+
+
+ The number of bytes uploaded so far.
+
+
+
+
+ Return 1 to abort the transfer
+ and set a CURLE_ABORTED_BY_CALLBACK error.
Available as of PHP 8.2.0 and cURL 7.32.0.
@@ -3964,7 +4435,9 @@
Specifies the OAuth 2.0 access token.
- Available as of PHP 7.0.7 and cURL 7.33.0
+ Set to &null; to disable.
+ Defaults to &null;.
+ Available as of PHP 7.0.7 and cURL 7.33.0.